Show/Hide Navigation

Articles in this section

Managing Security Group Settings

Overview

All users in AMS+ must be assigned to a Security Group. The Security Group controls what users can see and do in AMS+. We recommend this article to agency administrators who may be creating and managing users.

In addition, if you want your users to have access to Sales Records, call making and SMS texting, Rx Collect, and other Sales features, refer to this article for the required permissions.

IN THIS ARTICLE

Navigating to Security Groups
User types
Permissions and access
Permissions
Access
Commissions+ permissions
Legacy components

Navigating to security groups

To access Security groups, go to My Agency Settings > Security Groups. Please note, you must belong to a Security Group with the "Security Groups & Teams" Administrative permission to create, edit, and delete Security Groups.

Screenshot showing where to find the Security Group settings

User Types

The User Type controls the options you have for setting permissions and access. When creating a Security Group or assigning users to a Security Group, it’s good practice to check the User Type and make sure it’s the right fit.

  • Agency User - Intended for agency staff or agents that have multiple roles and responsibilities. Allows for custom access to all areas and records in AMS+.
  • Agent CRM User - Intended for agents that only need access to their book of business (up to a total of three), run reports, and download commission statements.
  • Agent Statement User - Intended for agents that only need to download their commission statements.

Here are the areas and records that users of each type can access:

Areas and records in AMS+ Agent Statement User Agent CRM User Agency User
Sales Enablement (Phone Dialer, Rx Collect, Texting, Sales Records, Sales Automated Workflows, Sales Mass Emails, and Sales Reporting; learn more) - Limited Full
Group - Limited Full
Individual - Limited Full
Policy - Limited Full
Agent - - Full
Carrier - Limited Full
Commission (Commissions+ only) - - Full
Commission Statements Limited Limited Full
Reporting - Limited Full
Administrative (Data & Custom Fields, Teams, Users, Security Groups, Email Association, etc.) - Limited Full
Marketing & Automation (if activated
Email Marketing or Automated Workflow) 		- - Full
Dashboard (View Agency Dashboard and Sales Dashboard Analytics) - - Full
Restrictions (Restrict login by IP address) - - Full

*The “Agency User” User Type is fully customizable. By default, it gives full access to everything in AMS+, but you can limit access to specific areas and record types.

Permissions and access

Permissions

Permissions define what users can do to the records they have access to. Here are three key permissions for Group, Individual, Policy, Agent, and Carrier records.

Permission Description
Visible Allows users to see records and data of the record type throughout AMS+. This includes tables, lists, searches, reports, and more.
Edit Allows users to make changes to records and data of the record type.
Delete Allows users to delete records and data of the record type.

Different combinations of permissions allow users to do different things. To view records and data of a record type, users only need the “Visible” permission. However, to edit or delete, users need a combination of the above permissions.

Keep this in mind if you want your users to be able to modify associations and shared data between multiple records. See the examples below.

Example 1: The user has the “Visible” and “Edit” permissions for Individual and Policy records. Thus, the user has the option to modify the Individual-Policy association.
Screenshot showing a pencil icon to edit a policy's association

Example 2: The User has “Visible” and “Edit” permissions for Individual records but not Policies. Thus, the User doesn’t have the option to modify the Individual-Policy association.
Screenshot showing the absence of the pencil icon to edit a policy's assocation

Access

Access allows you to more precisely manage Group, Individual, Policy, and Agent records that your users can view. Many agencies limit access for certain users, such as agents/producers, to only their books of business. Learn more.

Screenshot highlighting the access settings for Individual permissions in a Security Group

Commissions+ permissions

If your agency has the Commissions+ add-on, it’s important to set both commission access levels and commission-specific permissions correctly in each Security Group, so your users can process and manage commissions in AMS+.

Commission access settings

There are two access settings related to commissions:

  • All Commission Permissions
    Screenshot highlighting the access settings for commission permissions in a Security Group
  • Limited to Commission Settings, Policy Commission Details, and Policy Commission Payees
    Screenshot highlighting the limited access settings for commission permissions in a Security Group

These access settings control which commission features are visible in the system. However, even if a Security Group is set to ‘All Commission Permissions’, users will still need additional permissions to take action.

Required permissions for commission features

Users must also be granted specific permissions to perform tasks related to commissions:

  • Visible (Full Commission Viewing): Allows users to view all commission data.
  • Edit (Full Commission Editing): Allows users to add and update commission entries.
  • Purge Commission Entries: Allows users to delete commission data by Agent Statement Date from the Date Utilities page or by import from the Commission History page.
  • Lock/Unlock Commission Entries: Allows users to lock or unlock Agent Statement Dates and the commission entries associated with them. This is required for agents to view their statements.
  • Manage Agent Adjustments: Enables users to issue one-time payments using agent adjustments.

Important: If you assign the ‘All Commission Permissions’ access level, make sure you enable the required permissions listed above. Otherwise, your users may not be able to view, edit, or manage any commission data, even though it appears they have full access.

Legacy components

Note: Legacy components include outdated features and functionality that may not be present in your account. This section is only relevant if your account has them.

Legacy components in this section:

Sales Pipeline and Sales Opportunity permissions

If the ‘Administer Sales Pipeline’ permission is enabled, users that are assigned to the Security Group can create, edit, and delete Sales Pipelines in the account-level settings. Please note that this permission is available for Agency Users only.

Screenshot showing the Sales Pipeline permission

The Sales Opportunity permissions affect users’ ability to see, add, edit, and delete Sales Opportunity records in AMS+. Access can be limited to records assigned to the user’s accessible agents only.

Screenshot showing the Sales Opportunity permissions

Refer to this article for more on Sales Pipeline-related permissions.

Related articles